CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Zero Day Initiative•added 2017/11/14 12:0 a.m.•22 views

Foxit Reader Field alignment Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the alignment...

6.8CVSS8.7AI score0.0259EPSS

Exploits0References1

Exploit DB•added 2017/07/18 12:0 a.m.•124 views

Microsoft Windows Kernel - 'IOCTL 0x120007 NsiGetParameter' nsiproxy/netio Pool Memory Disclosure

/ We have discovered that the handler of the 0x120007 IOCTL in nsiproxy.sys \.\Nsi device discloses portions of uninitialized pool memory to user-mode clients, likely due to output structure alignment holes. On our test Windows 7 32-bit workstation, an example layout of the output buffer is as...

0day.today•added 2017/06/28 12:0 a.m.•115 views

Microsoft Windows - nt!NtQueryInformationProcess (ProcessVmCounters) Kernel Stack Memory Disclosure

Exploit for windows platform in category dos / poc / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1190&desc=2 We have discovered that the nt!NtQueryInformationProcess system call called with the ProcessVmCounters information class discloses portions of uninitialized kernel...

1.9CVSS6.1AI score0.03423EPSS

Exploits3

seebug.org•added 2017/06/27 12:0 a.m.•91 views

Windows Kernel pool memory disclosure in nt!NtNotifyChangeDirectoryFile(CVE-2017-0299)

We have discovered that the nt!NtNotifyChangeDirectoryFile system call discloses portions of uninitialized pool memory to user-mode clients, due to output structure alignment holes. On our test Windows 10 32-bit workstation, an example layout of the output buffer is as follows: --- cut ---...

1.9CVSS5.7AI score0.0479EPSS

Exploits2

exploitpack•added 2017/06/22 12:0 a.m.•24 views

Microsoft Windows - nt!NtQueryInformationProcess (ProcessVmCounters) Kernel Stack Memory Disclosure

Microsoft Windows - nt!NtQueryInformationProcess ProcessVmCounters Kernel Stack Memory Disclosure / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1190&desc=2 We have discovered that the nt!NtQueryInformationProcess system call called with the ProcessVmCounters information clas...

Exploit DB•added 2017/06/22 12:0 a.m.•63 views

Microsoft Windows - 'nt!NtQueryInformationProcess (ProcessVmCounters)' Kernel Stack Memory Disclosure

/ Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1190&desc=2 We have discovered that the nt!NtQueryInformationProcess system call called with the ProcessVmCounters information class discloses portions of uninitialized kernel stack memory to user-mode clients, due to output...

0day.today•added 2017/06/21 12:0 a.m.•59 views

Microsoft Windows - nt!NtQueryVolumeInformationFile (FileFsVolumeInformation) Kernel Pool Memory Dis

Exploit for windows platform in category dos / poc / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1166 We have discovered that the nt!NtQueryVolumeInformationFile system call discloses portions of uninitialized pool memory to user-mode clients, due to output structure alignme...

1.9CVSS6.1AI score0.03713EPSS

Exploits2

exploitpack•added 2017/06/21 12:0 a.m.•23 views

Microsoft Windows - IOCTL_VOLUME_GET_VOLUME_DISK_EXTENTS volmgr Pool Memory Disclosure

Microsoft Windows - IOCTLVOLUMEGETVOLUMEDISKEXTENTS volmgr Pool Memory Disclosure / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1154 We have discovered that the handler of the IOCTLVOLUMEGETVOLUMEDISKEXTENTS IOCTL in volmgr.sys discloses portions of uninitialized pool memory...

Exploit DB•added 2017/06/21 12:0 a.m.•45 views

Microsoft Windows - 'IOCTL_VOLUME_GET_VOLUME_DISK_EXTENTS' volmgr Pool Memory Disclosure

/ Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1154 We have discovered that the handler of the IOCTLVOLUMEGETVOLUMEDISKEXTENTS IOCTL in volmgr.sys discloses portions of uninitialized pool memory to user-mode clients, due to output structure alignment holes. On our test Window...

Exploit DB•added 2017/06/21 12:0 a.m.•65 views

Microsoft Windows - 'IOCTL_MOUNTMGR_QUERY_POINTS' Kernel Mountmgr Pool Memory Disclosure

/ Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1150&desc=2 We have discovered that the handler of the IOCTLMOUNTMGRQUERYPOINTS IOCTL in mountmgr.sys discloses portions of uninitialized pool memory to user-mode clients, due to output structure alignment holes. On our test...

rapid7community•added 2017/06/15 4:5 p.m.•19 views

Rapid7 issues comments on NAFTA renegotiation

In April 2017, President Trump issued an executive order directing a review of all trade agreements. This process is now underway: The United States Trade Representative USTR - the nation's lead trade agreement negotiator - formally requested public input on objectives for the renegotiation of th...

6.8AI score

BDU FSTEC•added 2017/06/05 12:0 a.m.•4 views

The vulnerability of Qualcomm Secure Execution Environment’s microprogramming software allows a perpetrator to circumvent existing access control policies.

The vulnerability of Qualcomm Secure Execution Environment for Android, found in the CAF repository, is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to circumvent existing access control policies through improper page alignment...

9.3CVSS7.2AI score0.00582EPSS

Prion•added 2017/05/16 2:29 p.m.•17 views

Improper access control

In QSEE in all Android releases from CAF using the Linux kernel access control may potentially be bypassed due to a page alignment issue...

9.3CVSS6.9AI score0.00582EPSS

Cvelist•added 2017/05/16 2:0 p.m.•26 views

CVE-2016-10238

In QSEE in all Android releases from CAF using the Linux kernel access control may potentially be bypassed due to a page alignment issue...

7.7AI score0.00582EPSS